Skip to content

Removes CSP headers in dev environment#508

Open
joehakimrahme wants to merge 1 commit intolyrgard:masterfrom
joehakimrahme:csp-headers
Open

Removes CSP headers in dev environment#508
joehakimrahme wants to merge 1 commit intolyrgard:masterfrom
joehakimrahme:csp-headers

Conversation

@joehakimrahme
Copy link
Contributor

@joehakimrahme joehakimrahme commented Jan 26, 2021

The CSP headers included in the requests are causing failures with
fontawesome. This in turn is causing some functionality (like pinning or
banning specific items in the builders) to disappear.

This patch removes the CSP headers from requests if the app is launched
in dev mode. It does make the app vunlerable to XSS attacks but, hey,
it's dev mode. Don't run this in production anyway.

Fixes #507

@joehakimrahme
Removes CSP headers in dev environment
0ffd879 
The CSP headers included in the requests are causing failures with
fontawesome. This in turn is causing some functionality (like pinning or
banning specific items in the builders) to disappear.

This patch removes the CSP headers from requests if the app is launched
in dev mode. It does make the app vunlerable to XSS attacks but, hey,
it's dev mode. Don't run this in production anyway.

Fixes lyrgard#507
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Refused to connect to [FontAwesome] because it violates the document's Content Security Policy.

1 participant

@joehakimrahme